| عنوان | code-projects Human Resource Integrated System published August 1, 2025 SQL Injection |
|---|
| الوصف | Summary
The vulnerability exists in the insert-and-view component due to improper handling and validation of user input in SQL queries.
Root Cause
The application uses outdated mysql_* functions (mysql_query) in action.php without fully sanitizing or parameterizing user input. Specifically, the inputs obtained via $_POST['content'] are directly embedded into SQL queries.
Example code snippet:
$content = mysql_real_escape_string($_POST['content']);
mysql_query("insert into comment(msg,ip_add) values ('$content','$ip')");
Although mysql_real_escape_string mitigates basic SQL injection, it does not prevent more complex injection scenarios or second-order SQL injection attacks.
Reproduction
Navigate to the application's comment submission form.
Submit the following payload:
'); DROP TABLE comment; --
Observe that the injected SQL query alters the intended database operations.
Impact
An attacker could leverage this vulnerability to manipulate the database, execute arbitrary SQL commands, access sensitive data, or disrupt database integrity. |
|---|
| المصدر | ⚠️ https://github.com/shenxianyuguitian/hris-vuln-sqli/blob/main/README.md |
|---|
| المستخدم | xuanyuesanshi (UID 88126) |
|---|
| ارسال | 01/08/2025 08:08 AM (9 أشهر منذ) |
|---|
| الاعتدال | 02/08/2025 08:54 AM (1 day later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 318599 [code-projects Human Resource Integrated System 1.0 action.php content حقن SQL] |
|---|
| النقاط | 20 |
|---|